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(54) STORAGE DEVICE WITH SECRECY PROTECTION MECHANISM AND 
SECRECY PROTECTION SYSTEM USING THE SAME 

(57)Abstract: 

PURPOSE: To protect the secrecy of stored data without manually inputting 
identification information by a user. 

CONSTITUTION: A magnetic disk device 2 where the data are stored is freely 
attached to and detached from a host 12. When the power source is turned ON. a 
discrimination information transmission command is sent out of the disk drive 2 to the 
host 1 . In response to the command, the stored data are allowed to be accessed only 
when identification information inputted from the host 1 is matched with the 
identification information of the disk drive. Further, the access to the data is allowed 
only when the identification information is inputted within a specific time clocked by a 
timer 27 after the identification information transmission command is sent out. If the 
disk device 2 is stolen, its data can not be accessed since identification information 
does not match or is not inputted within the specific time, so that its secrecy is 
protected. 
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CLAIMS 



[Claim(s)] 

[Claim 1] The storage which characterizes by to include the 1st access-permission 
means which permits access of said data only when a command sending-out means 
send out an identification-information sending-out command to the external access 
equipment which is the storage holding the secrecy of the data which have 
memorized, and desorption is free and accesses self^equipment to self-equipment, 
and the identification information which answered this command and was inputted 
from said access equipment and the identification information of self-equipment are in 
agreement. 

[Claim 2] Storage according to claim 1 characterized by including the 2nd access- 
permission means which permits access of said data only when it replaces with said 
1 St access-permission means and the input of said access equipment to identification 
information is in predetermined time from the time of sending out of said identification 
information sending-out command. 

[Claim 3] It is a security-protection system in the external access equipment which 
desorption is free and accesses this storage to the storage holding the secrecy of the 
memorized data, and this storage. A command sending-out means by which said 
storage sends out an identification information sending-out command to said access 
equipment, An access-permission means to permit access of said data only when the 
identification information which answered this command and was inputted from said 
access equipment, and the identification information of a store are in agreement is 
included. Said access equipment is a security-protection system characterized by 
including an identification information sending-out means to answer said identification 
information sending-out command, and to send out the identification information of 



self-equipment to said storage. 



DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

[Industrial Application] This invention relates to the security-protection system using 
the magnetic disk drive with a device and this holding especially the secrecy of stored 
data about the security-protection system which used a store with a security- 
protection device, and this. 
[0002] 

[Description of the Prior Art] There is a Provisional-Publication-No. No. 1 78456 [ 57 
to ] official report as a well-known technique of holding the secrecy of stored data, 
such as a magnetic disk drive. This permits access of a magnetic disk drive, only 
when identification information is in agreement. That is, identification information is 
beforehand recorded on the magnetic disk drive, and when a user uses a magnetic 
disk drive, manual input of the identification information is carried out. And the 
identification information beforehand recorded as the inputted identification 
information is collated, utilization authorization / disapproval is distinguished, and. in 
utilization authorization, access to a magnetic disk drive is permitted. 
[0003] Moreover, the body was equipped with the key in some personal computers, in 
the condition of having locked, it locked electrically or the measures of preventing the 
theft of a magnetic disk drive physically by carrying out by the ability not 
disassembling a case were taken in the condition of having locked so that powering on 
(system startup) could not be carried out to a body. 
[0004] 

[Problem(s) to be Solved by the Invention] However, in the personal computer of a 
desktop mold, while the measures of equipping a key in the most are not taken, in 
order to raise operability, the attachment-and-detachment method of a magnetic disk 
is simplified, and possibility of encountering a theft is becoming high. 
[0005] With the well-known technique of the Provisional-Publication-No. No. 178456 
[ 57 to ] official report mentioned above, there was a fault that it was necessary to 
input identification information manually whenever a user accesses a magnetic disk 
drive. 

[0006] Made in order that this invention may solve the fault of the conventional 
technique mentioned above, the object is offering the security-protection system 
using the storage with a security-protection device and this which a user s does not 
need to input identification information manually and can hold secrecy. 



[0007] 

[Means for Solving the Problem] The store with a security-protection device by this 
invention is a store holding the secrecy of the memorized data. A command sending- 
out means to send out an identification information sending-out command to the 
external access equipment which desorption is free and accesses self-equipment to 
self-equipment, Only when the identification information which answered this 
command and was inputted from said access equipment, and the identification 
information of self-equipment are in agreement, it is characterized by including the 
1st access-permission means which permits access of said data. 
[0008] The security-protection system by this invention is a security-protection 
system in the external access equipment which desorption is free and accesses this 
storage to the storage holding the secrecy of the memorized data, and this storage. A 
command sending-out means by which said storage sends out an identification 
information sending-out command to said access equipment, An access-permission 
means to permit access of said data only when the identification information which 
answered this command and was inputted from said access equipment, and the 
identification information of a store are in agreement is included. It is characterized 
by said access equipment including an identification information sending-out means to 
answer said identification information sending-out command, and to send out the 
identification information of self-equipment to said storage. 
[0009] 

[Function] Access of data is permitted only when the identification information which 
answered the identification information command and was inputted from the external 
access equipment in which desorption is free, and the identification information of 
self-equipment are in agreement. Moreover, access of data is permitted only when 
the input of access equipment to identification information is in predetermined time 
from the time of sending out of an identification information command. 
[0010] 

[Example] Next, this invention is explained with reference to a drawing. 
[001 1] Drawing 1 is the block diagram showing the configuration of one example of 
the security-protection system by this invention. In drawing, the security-protection 
system by one example of this invention consists of a security-protection device 100 
prepared in the host 1 side, and a security-protection device 200 prepared in the 
magnetic disk drive 2 side. In addition, the magnetic disk 20 which memorizes data at 
a host 1 side to a host devices [, such as a body of a personal computer, ] 10 and 
magnetic disk drive 2 side is established, and the host 1 and magnetic disk drive 2 
side is connected by the communication path 3 of a cable etc. 
[0012] The security-protection device 100 by the side of a host 1 is constituted 
including ID storage table 13 which memorizes the original identification information 
(ID is called hereafter) which a user can set as arbitration, the transceiver circuit 1 1 
which performs transmission and reception of data, and the analysis circuit 12 which 



performs analysis of received data. 

[0013] On the other hand, the security-protection device 200 by the side of a 
magnetic disk drive 2 CPU21 which supervises all the events generated within this 
device (Central Prosessing Unit), The transceiver circuit 22 which transmits and 
receives data, and the analysis circuit 23 which analyzes received data, ID storage 
table 24 which memorizes original ID which a user can set as arbitration. With 
reference to the data contained in the analyzed signal, it is constituted including the 
correlation circuit 25 to collate, the control circuit 26 which performs 
reservation/cutting control of the communication path of a magnetic disk drive 2 and 
a host 1 , and the timer 27 which supervises the time amount which the user set as 
arbitration. 

[0014] In this configuration, the user registers original ID of arbitration into ID storage 
tables 1 3 and 24 beforehand. In this case, the same ID information is registered into 
ID storage tables 1 3 and 24. 

[0015] Generally, although CPU within the body in a personal computer performs 
initialization processing to the magnetic disk drive connected to the power up to a 
body, it performs distinction just as a connection partner, or unjust from a magnetic 
disk drive 2 side to a host 1 side in this initialization processing in the system of this 
example. 

[0016] By the security-protection device 200 prepared in the magnetic disk drive 2 
side, the data used as the instruction for making ID answer a letter are sent from the 
transceiver circuit 22 to the security-protection device 1 00 prepared in the host 1 
side based on the instruction of CPU21. 

[0017] In the security-protection device 100, the transceiver circuit 1 1 receives the 
data sent from the transceiver circuit 22. and it analyzes in the analysis circuit 1 2. 
And the data containing the ID are generated with reference to ID registered into ID 
storage table 13 based on the analyzed content, and a letter is answered from the 
transceiver circuit 1 1. 

[0018] Next, by the security-protection device 200, the data answered from the 
security-protection device 100 are received in the transceiver circuit 22, and reply 
data are analyzed in the analysis circuit 23. And ID contained in the data analyzed in 
the analysis circuit 23. i.e., ID registered into ID storage table 13, and ID registered 
into ID storage table 24 are set and collated [ compare and ] with a correlation circuit 
25. 

[0019] When ID is in agreement as a result of collating, it is judged that it is a 
connection request from a just host. In this case, the data which mean connection 
authorization are sent to the security-protection device 100. and a communication 
path with a magnetic disk 20 is secured by the control circuit 26. Thereby, processing 
is ended. It is not necessary to input ID henceforth and it can access a magnetic disk 
20 as usual. 

[0020] On the other hand, when ID is not in agreement as a result of collating, it is 



judged as the connection request from an unspecified host, and, as for a control 
circuit 26, a communication path with the security-protection device 100 is cut 
electrically. Thereby, processing is ended. 

[0021] Moreover, the timer 27 is constituted so that a user can set up the time 
amount of arbitration. And when the security-protection device 200 sends out the 
data used as the instruction for making ID answer a letter, if there is no reply of the 
security-protection device 100 to ID into the setup time of the timer [ from ] 27, it 
will be judged as the connection request from an unspecified host, and a control 
circuit 26 will cut electrically a communication path with the security-protection 
device 100. Thereby, processing is ended. In addition, a key input, the switch on the 
tooth back of equipment, etc. perform time setting to a timer 27. Time amount may be 
set up beforehand. 

[0022] By equipping the monitoring function by the timer 27 the security-protection 
device 100 and whose security-protection device 200 are what becomes a pair and 
functions fundamentally, when a magnetic disk includes a third party's hand according 
to a theft etc., the secrecy of data can be held. That is, since there is no reply of ID 
into the setup time of a timer 27 when the security-protection device 100 is not 
formed in a third party's host side, it can become a time-out, and can judge that it is 
a connection request from an unspecified person's host, and a communication path 
can be electrically cut to the connection request from an unspecified host. 
[0023] Although possibility that equipment will encounter a theft is also becoming high 
with the miniaturization of a magnetic disk drive in recent years, and simplification of 
an attachment-and-detachment method, it is avoidable that the data memorized even 
if it should encounter a theft according to the equipment of this example flow out 
outside. When the data memorized are extra sensitive information, it is thought that 
especially this magnetic disk drive is effective. 

[0024] As mentioned above, the data memorized even if a store is in a theft by 
permitting access, only when ID is in agreement are not accessed, and the secrecy of 
the data can be held. And the user does not need to input ID. 
[0025] Also when the input of ID is in predetermined time from a power up and it 
permits access, similarly data are not accessed and the secrecy can be held. 
[0026] In addition, although the case of a magnetic disk drive was made into the 
example and the above example explained, it is clear that this invention can apply to 
various kinds of storage, such as not only this but a semiconductor memory, widely. 
[0027] In relation to the publication of a claim, this invention can take the following 
mode further. 

[0028] (1) Said command sending-out means is storage according to claim 1 or 2 
characterized by sending out said identification information sending-out command to 
the power up of self-equipment. 

[0029] (2) Said command sending-out means is storage according to claim 1 or 2 
characterized by sending out said identification information sending-out command at 



the time of initialization of self^equipment. 

[0030] (3) Said command sending-out means is a security-protection system 
according to claim 3 characterized by sending out said identification information 
sending-out command to the power up of said storage. 

[0031] (4) Said command sending-out means is a security-protection system 
according to claim 3 characterized by sending out said identification information 
sending-out command at the time of initialization of said storage. 
[0032] 

[Effect of the Invention] Access of data is permitted only when the identification 
information which this invention answered the identification information command and 
was inputted from external access equipment, and the identification information of a 
store are in agreement, as explained above. Moreover, only when the input of access 
equipment to identification information is in predetermined time from the time of 
sending out of an identification information command, by permitting access of data, it 
is effective in the ability to hold the secrecy of the data held at the store. 



DESCRIPTION OF DRAWINGS 



[Brief Description of the Drawings] 

[Drawing 1] It is the block diagram showing the security-protection structure of a 
system by the example of this invention. 
[Description of Notations] 
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